Security News > 2021 > September > Large-Scale Phishing-as-a-Service Operation Exposed

The turnkey platform allows users to customize campaigns and develop their own phishing ploys so they can then use the PhaaS platform to help with phishing kits, email templates and hosting services needed to launch attacks.

With more than 100 available phishing templates that mimic known brands and services-including Microsoft itself-the BulletProofLink operation is responsible for many of the phishing campaigns that impact enterprises today, they said.

Phishers use these emails-which sometimes fool people by impersonating a trusted company, application or institution-to direct people to specially crafted phishing sites so they can enter credentials, thinking they are doing so for a legitimate reason.

Phishing is often a gateway drug into other criminal activity; phishers sell credentials obtained through campaigns on the dark web, and they can be used by ransomware gangs as an entry point into networks to deliver ransomware attacks, among other nefarious activity.

While previously, criminals who wanted to launch these attacks had to build phishing emails and brand-impersonating websites on their own, "The phishing landscape has evolved its own service-based economy," researchers said.

Like any service provider, the group explains on an "About Us" page on its site the services it provides, including the sale of a "Unique scam page" as well as a monthly hosted subscription service to set up a customer's phishing operation.

News URL

https://threatpost.com/phishing-as-a-service-exposed/174932/